Privacy Policy - Rossi Firearms

Last updated: August 20th, 2025

INTRODUCTION

This Privacy Notice (“Notice”) is meant to demonstrate the commitment of Rossi International (“ROSSI”) with the privacy and protection of User information, when we process their Personal Data in the regular provision of our services and when the User uses our website [rossi-international.com], in accordance with current laws.

In this Notice, we describe how User Personal Data is collected, used, shared, and stored.

Please read this Notice carefully. If you still have questions, feel free to contact us through the Support Channels provided here.

Users who do not agree with the provisions of this Notice should discontinue accessing or using the ROSSI website.

DEFINITIONS

Notice: This refers to this Privacy Policy.
Controller: The company or individual who determines the purposes and means of processing Personal Information. Rossi is the Controller of its Users’ Personal Information.
Cookies: Small files sent by Rossi’s website, saved on Users’ devices, which store preferences and other limited information. Their purpose is to personalize Browse according to the User’s profile.
Personal data: Any information that refers to an identified or identifiable individual, such as, for example, a name, identification number, or address.
Data Protection Officer (DPO): The individual appointed by Rossi to act as a communication channel between the Company, Personal Data Subjects, and the competent authority.
Applicable law: All legislation concerning the privacy and protection of Personal Data.
Our environment: Refers to the electronic address [magtechammunition.com] and its subdomains, in addition to our physical premises.
Processor: The company or individual who processes Personal Data according to the Controller’s instructions.
Personal Data Subject: This refers to you, the natural person to whom Personal Data refers, whether as a user of the website.
International Data Transfer: The transfer of Personal Data to a foreign country or international organization of which the country is a member.
Processing: Any operation performed with Personal Data, such as those that refer to collection, production, receipt, classification, use, access, reproduction, transmission, distribution, processing, archiving, storage, deletion, evaluation or control of information, modification, communication, transfer, diffusion, or extraction.
User: Any individual who interacts with Rossi in situations where Personal Data may be provided, such as individuals who browse our website, employees, and service providers.

COLLECTION OF PERSONAL INFORMATION

The Personal Data we collect can be gathered when the User provides it personally or when there’s interaction on our website, as detailed below:

We may collect the following Personal Data:

What we collect?	Why we collect?
Contact information (Information sent through the SQUARE technical support link.)
Name	· Identify the User. Fulfill technical support requests for firearms registered by the User. Respond to questions, queries, comments, and any other messages the User sends us. Send announcements and news about ROSSI and our products.
Country
Company
Telephone
E-mail
Image submitted
Firearm Information (model and serial number)
Any other information the User voluntarily provides to us
Digital Identification Data
IP Address Logical Source Port	Identification and performance of statistical studies on website usage. Fulfillment of our legal and regulatory obligations (Law No. 12.965/2014).
Device (operating system version)
Timestamps
Pages acessed
Session ID
Cookies

Updating and Accuracy of Personal Data

The User is solely responsible for the accuracy, truthfulness, and updating of the Personal Data The User provides to us. We are not obligated to Process Personal Data if we have reason to believe that such Processing might imply a violation of any applicable law, or if the User is using our website for any illegal or unlawful purposes.

Links to Third-Party Websites

Our website may contain links to third-party websites or services. We strive to provide links to websites that demonstrate an appropriate level of commitment to User security and privacy. However, we are not responsible for the content or the Privacy Policy of these third parties. It is the User’s responsibility to review and agree or disagree with such terms.

Database

The database formed through the collection of Personal Data is our property and under our responsibility. Its use, access, and sharing, when necessary, will occur within the limits and purposes of the business described in this Notice.

We do not use any form of solely automated decision-making that affects your interests.

COOKIES

To improve your Browse and experience on the ROSSI website, we use Cookies.

Cookies are small digital text files your internet browser stores on your device (computer, smartphone, tablet, etc.). They save information related to your preferences, like your preferred language, location, session recurrence, and other variables.

To learn more about how we use Cookies, please see our Cookie Policy at [rossi-international.com/cookie-policy/].

SHARING OF PERSONAL DATA

The personal data collected and the recorded activities may be shared:

With companies that are part of the Economic Group to which ROSSI belongs, always in compliance with the guidelines of this Notice;
With third parties, for the provision of products or services essential to the delivery of our services;
With marketing and advertising companies, to deliver promotions and information relevant to your profile;
With competent judicial, administrative, or governmental authorities, whenever there’s a legal determination, request, demand, or order to do so;
Automatically, in the event of corporate movements, such as mergers, acquisitions, and incorporation.

We don’t sell, rent, or commercialize User Personal Data to third parties.

If you have any questions about who we share your Data with, please contact us through the Contact Channels available at the end of this Notice.

Data Anonymization. For market intelligence research, press information dissemination, and advertising, your Data will be shared in an anonymized manner, making it impossible to identify you.

HOW WE PROTECT YOUR DATA AND HOW YOU CAN PROTECT IT TOO

INFORMATION SECURITY AND GOVERNANCE PRACTICES

To safeguard your privacy and protect your data, we have a governance program that includes good practice rules, internal policies, and procedures. These establish organizational conditions, training, educational actions, and mechanisms for supervising and mitigating risks related to the Processing of Personal Data.

DATA ACCESS: PROPORTIONALITY AND REVELANCE

Internally, only duly authorized professionals can access the Personal Information we collect. This access is always guided by the principles of proportionality, necessity, and relevance, along with a commitment to confidentiality and preserving User privacy, as outlined in this Notice.

THIRD-PARTY PROCESSING UNDER OUR DIRECTION.

We carefully vet our partners and service providers and enter into contractual obligations with them regarding confidentiality, information security, and data protection. Our goal is to protect you by ensuring they adhere to our directives when processing your data.

HOW WE STORE YOUR DATA AND ACTIVITY LOGS

Storage location

We store your personal data and activity logs on our own servers in the United States or on carefully selected partner servers. To protect your privacy, we’ve adopted rigorous technical and administrative security measures. This ensures your data is secure, accessible only by authorized individuals, and protected from unauthorized alterations. We’re committed to preserving the confidentiality, integrity, and availability of your data for the entire period it’s under our responsibility.

If you’re a user located in Brazil, or if your personal data is processed with activities in Brazil, and your personal data is stored on servers outside of Brazil, this may constitute an international data transfer. In this case, the provisions of the International Data Transfer section below will apply.

Data Retention Period

We store Personal Data only for the time necessary to fulfill the purposes for which it was collected or to comply with any legal, regulatory, or rights preservation obligations. To achieve this, we have a Secure Information Retention and Disposal Policy.

Disposal of Personal Data

After the retention period and legal necessity have expired, Personal Data will be deleted using secure disposal methods or used in an anonymized form for statistical purposes.

INTERNATIONAL DATA TRANSFER

To enable and improve the execution of our activities, some of our resources and servers, as well as those of our partners and service providers, are located in various countries. This constitutes an international transfer of personal data, meaning your information may be shared outside of Brazil for the following purposes:

Purpose	Destination Country/Countries
Technical support	Brazil

We take the necessary measures to ensure that all data transfers comply with the requirements set forth by applicable data protection laws. We only transfer your personal data to partners that demonstrate compliance with Brazilian data protection regulations.

We maintain contracts with these partners that require strict standards for personal data protection and information security. These agreements ensure that your personal data is kept confidential and is processed solely for the purposes described above.

WHAT ARE YOUR RIGHTS AND HOW TO EXERCISE THEM

Your Fundamental Rights

Your data belongs to you. Applicable data protection laws grant you a series of rights concerning your personal data, which you may exercise by submitting a request to our Data Protection Officer (DPO) via the Contact Channel provided at the end of this Notice.

Confirmation and access: you may request confirmation of whether we process your personal data and access to such data, including copies of records we hold about you.
Correction: you may request the correction of any personal data that is incomplete, inaccurate, or outdated.
Anonymization, Blocking or Deletion: you may request the anonymization of your personal data so that it can no longer be associated with you, the temporary blocking of data processing for certain purposes, or the deletion of your personal data.
Data Portability: you may request that your personal data be provided in a structured and interoperable format for transfer to another entity, subject to our intellectual property rights and trade secrets.
Information about sharing: you may request information regarding third parties with whom we share your data, limited to information that does not compromise our intellectual property or trade secrets.
Withdrawal of Consent: you may withdraw your consent for processing activities based on consent. This withdrawal will not affect the lawfulness of processing carried out prior to the withdrawal. If the withdrawn consent is essential for the functioning of our services or platforms, access to such services may become unavailable.
Objection: you may object to the processing of your personal data if you do not agree with a specific purpose of processing.
Review of Automated Decisions: in cases involving decisions made solely through automated processing, you may request a r eview of the decision and express your point of view or indicate any interests that may have been affected.

You may exercise your rights by submitting a request through the following Contact Channel:

ROSSI INTERNATIONAL

[email protected]

Primary DPO: Cecília Helena de Castro
Deputy DPO: Leandro Bissoli

Requests

To ensure your security, whenever you submit a request to exercise your rights, we may ask for additional information to verify your identity. This is necessary to prevent fraud and unauthorized access to personal data.

Denial of Requests

We may decline certain requests to exercise rights if compliance would violate our intellectual property rights or trade secrets, or if we are legally or regulatorily required to retain the data. Additionally, we may reject requests when data retention is necessary to protect our rights or the rights of third parties in legal or administrative proceedings.

Response of Requests

We are committed to responding to all requests within a reasonable timeframe and always in accordance with applicable data protection laws.

ADDITIONAL INFORMATION

The ROSSI may change the content of this Notice at any time, according to purpose or necessity. It’s up to the User to verify it whenever accessing the website or using the services provided.

If there are updates to this document that require new consent collection, Users will be duly notified.

Should any point in this Notice be deemed unenforceable by the competent authority, including judicial, the remaining conditions will remain in full force and effect.

This Notice will be interpreted in accordance with Brazilian law, with the User’s domicile elected to resolve any controversy involving this document, unless a specific exception of personal, territorial, or functional jurisdiction is provided by applicable law.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.